# Overview of Authing
Learn what Authing is and why you should choose Authing.
# What is Authing?
Authing is a leading cloud-based identity infrastructure in China, providing enterprises and developers with fast and secure authentication and access management solutions. Its cross-platform, serverless authentication, and authorization cloud platform empowers enterprises to achieve tens of millions of external users, tens of thousands of employees, thousands of SaaS and billions of IoT devices managed securely and reliably. Millions of people have been certified on the Authing platform every month since 2020 and are growing at a rapid pace. Its developer users are located in more than thirty countries around the world, with customers covering education, government, finance, manufacturing, and other fields. The Authing team comes from IBM, Alibaba Cloud, ByteDance, Didi Dache, iQiyi, Motorola, and other leading companies in the industry.
Authing key features include Single Sign-On, User Analytics, Swipe Sign-On, Multi-Factor Authentication, Behavioral Auditing, Risk Management, Cross-platform Device Management, IoT Authentication, etc.; compatible with various international standard protocols: OAuth2.0, OIDC, SAML, AD/ LDAP, WS-Fed, JWT, etc.; there is also Pipeline for function-based computing that extends Authing capabilities without limit. Authing supports cloud delivery and private deployment methods to help enterprises and developers enhance productivity a thousandfold.
# Why use Authing
Here are some usage scenarios of Authing we have compiled:
- You want to develop a cool program, then you want to add user authentication and authorization. You want your users to be able to log in using WeChat and Github. At the same time, you also want to be able to track the user's registration source and activity data so that you can make subsequent user growth.
- You have made an API, and you want to use the OAuth 2.0 protocol to ensure the security of the API.
- You have made a lot of applications, and you hope that the user data of these applications can be interoperable through single sign-on (Single Sign-On).
- You need to make a web application that supports SAML login.
- You think the password is very fragile, so you want users to log in with a one-time mobile verification code or email verification code.
- If your user's password is leaked on another website, you want to be notified so that you can notify your user to reset the password.
- If there are users who fail to log in continuously, you want to ban their IP to prevent DDOS attacks or brute force password cracking.
- You are in a large company that wants to syndicate its existing corporate directory to allow employees to log in to various internal and third-party applications using their existing corporate credentials.
- You don't want (or you don't know how) to implement your own user management solution. You don't want to develop repetitive UIs such as password reset, create, configure, block, and delete users. You just want to focus on your own business development and product design. At this time, you can choose Authing as the authentication middleware.
- You want to enforce multi-factor authentication when users want to access sensitive data.
- You are looking for an identity solution that can help you be compatible with the ever-increasing compliance requirements of SOC2, GDPR, OpenID Connect, etc.
- You want to use data analysis to track users on your website or app. At the same time, you want to use this data to expand customer acquisition channels, measure user retention, and gradually improve the registration process.
# Which industry standards does Authing follow?
Once upon a time, when the computer was an independent system, or when the Internet did not break out, all identity authentication and user data existed in one computer. Now the times have changed. You can use the same login information on multiple applications and websites (such as the "Login with WeChat" that can be seen everywhere). This is achieved by following the same identity authentication standard.
These standards are a set of open specifications and protocols. Following this set of standards can help developers and enterprises design good identity authentication and authorization systems, and at the same time stipulate how to properly manage identities, transfer data, and authorization.
The industry-standard protocols used by Authing include:
- OAuth 2.0: An authorization standard that allows users to grant limited access to their resources on one site to other sites without having to obtain their credentials (usually account passwords). For example, you will use this standard when you click "Log in with WeChat" on your phone, and the system will ask you whether you agree to share your avatar, nickname, and other data with the application.
- Open ID Connect: This is a superset of OAuth 2.0. It provides more useful information and access permissions and standards on top of OAuth 2.0. For example, he defines the user's avatar as the
- JSON Web Tokens: An open standard, mainly used to transmit information securely. Its format is very compact and independent. After parsing, it is a JSON format.
- Security Assertion Markup Language (SAML): An XML-based open data format, SAML allows enterprise applications to seamlessly connect with internal and external programs.
- LDAP: LDAP is a lightweight directory access protocol. The full English name is Lightweight Directory Access Protocol, which is generally referred to as LDAP. You can understand it as a tree-shaped database used to store user and organization information, often used for single sign-on (SSO) and corporate employee information management.
# Next, you may also need
Use Authing to develop the first application:First application
Understand the basic concepts and terminology of Authing to remove obstacles in the process of learning Authing:Basic Concepts
Use Authing to achieve single sign-on:Implement Single Sign-On
Learn about the Authing console to help you complete related configuration more quickly:Overview of Console
Learn about Authing's deployment model to help you understand which deployment method to choose:Privatization Deployment and Pricing